forked from infra/ansible
78 lines
2.1 KiB
YAML
78 lines
2.1 KiB
YAML
---
|
|
|
|
- name: Install icinga
|
|
apt: name=icinga2
|
|
|
|
- name: Check if client is already enrolled
|
|
stat:
|
|
path: /var/lib/icinga2/certs/{{ ansible_fqdn }}.crt
|
|
register: cert_file
|
|
|
|
- name: Enroll agent on master server
|
|
block:
|
|
- name: Ensure certificate directory exists
|
|
file:
|
|
path: /var/lib/icinga2/certs
|
|
state: directory
|
|
owner: "{{ icinga_user }}"
|
|
group: "{{ icinga_group }}"
|
|
|
|
- name: Copy certificate from master
|
|
fetch:
|
|
src: /var/lib/icinga2/certs/{{ icinga_server }}.crt
|
|
dest: /tmp/{{ icinga_server }}.crt
|
|
flat: true
|
|
delegate_to: "{{ icinga_server }}"
|
|
|
|
- name: Copy certificate to host
|
|
copy:
|
|
src: /tmp/{{ icinga_server }}.crt
|
|
dest: /var/lib/icinga2/certs/{{ icinga_server }}.crt
|
|
owner: "{{ icinga_user }}"
|
|
group: "{{ icinga_group }}"
|
|
|
|
- name: Get ticket from master
|
|
shell: "icinga2 pki ticket --cn {{ ansible_fqdn }}"
|
|
register: "icinga_ticket"
|
|
changed_when: "False"
|
|
delegate_to: "{{ icinga_server }}"
|
|
|
|
- name: Setup node
|
|
command:
|
|
argv:
|
|
- icinga2
|
|
- node
|
|
- setup
|
|
- --ticket
|
|
- "{{ icinga_ticket.stdout | trim }}"
|
|
- --endpoint
|
|
- "{{ icinga_server }}"
|
|
- --zone
|
|
- "{{ ansible_fqdn }}"
|
|
- --parent_host
|
|
- "{{ icinga_server }}"
|
|
- --trustedcert
|
|
- "/var/lib/icinga2/certs/{{ icinga_server }}.crt"
|
|
- --accept-commands
|
|
- --accept-config
|
|
when: not cert_file.stat.exists
|
|
|
|
- name: Set agent address on master
|
|
template: src=hosts.agent.j2 dest=/etc/icinga2/conf.d/hosts/{{ inventory_hostname }}.01_agent owner={{ icinga_user }} group={{ icinga_group }}
|
|
delegate_to: "{{ icinga_server }}"
|
|
|
|
- name: Regenerate hosts.conf
|
|
assemble:
|
|
src: /etc/icinga2/conf.d/hosts
|
|
dest: /etc/icinga2/zones.d/master/hosts.conf
|
|
# validate: /usr/sbin/icinga2 daemon -c %s --validate
|
|
notify: Restart icinga2
|
|
delegate_to: "{{ icinga_server }}"
|
|
|
|
# TODO expand this to cover more than just the root partition
|
|
- name: Monitor disks
|
|
include_role: name=icinga-monitor tasks_from=disk
|
|
vars:
|
|
disks:
|
|
- "/"
|